You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-11657
About this tag
CVE-2026-11657 is a high-severity use-after-free vulnerability in Google Chrome's Payments component on macOS, fixed in Chrome version 149.0.7827.103. Disclosed on June 8, 2026, the flaw allows remote code execution via a crafted HTML page, as described by NVD and CISA-ADP. WindowsForum.com discussions emphasize that Mac users running older Chrome builds should update immediately. The vulnerability highlights how browser security risks can emerge at the intersection of web features, platform integration, and trusted payment flows. While this specific CVE targets macOS, it serves as a broader reminder of the importance of keeping browsers updated to mitigate similar threats across platforms.
Google assigned CVE-2026-11657 to a high-severity use-after-free flaw in Chrome’s Payments component on macOS, fixed in Chrome 149.0.7827.103 after disclosure on June 8, 2026, with NVD and CISA-ADP describing a crafted HTML page as the remote attack path. The short version is simple: Mac users...